Supplicants (e.g., endpoints) that attach to a network may be challenged by the network to provide authentication information. A supplicant controls access to a network interface. A network interface has at most one supplicant. One supplicant may service more than one interface. Security components associated with the network evaluate authentication information (e.g., identification and verification information) and determine whether access to network resources is allowed. Additionally, different levels of authorization may be given to supplicants to access different types of data and/or areas of the network. For example, some supplicants may be allowed to view only file names in a network, while other supplicants may be allowed to access and modify files. Similarly, some supplicants may be allowed to access certain parts of a network (e.g., research and development, accounting), while other supplicants may not. In some embodiments, authorization levels (e.g., access levels) may be determined by access control lists (ACLs) that match media access control (MAC) addresses and grant or deny access to certain areas of the network based on the MAC address of the supplicant.
Supplicants may also attempt to authenticate and authorize a network. However, conventional approaches to supplicant authorization operate in a binary manner. These approaches either allow all traffic from the network or deny all traffic from the network. This simple use of binary access levels may cause issues for supplicant entities (e.g., modules). These entities may be forced to close all access to the supplicant by a network due to perceiving a minor security threat or minor issue with the network. This binary closing may prevent the supplicant from accessing network services that could, for example, help the supplicant mitigate and/or eliminate the threat.
Additionally, supplicants in conventional environments do not share information regarding perceived security threats with other applications, control software, and so on. Typical embodiments require all of the applications to individually detect changes in the status of a network (e.g., detect security threats). This may increase security violations and increase network traffic. Security violations may increase because individual applications do not detect the security threat in time, while other supplicants have already perceived the threat. Network overhead may increase due to multiple applications simultaneously and/or continuously communicating on a network in an attempt to detect security issues. Recall that supplicants control access to a network interface while applications access a network through a supplicant. Applications may collect information from a network, may provide information to a network, may communicate with services accessible through a network, and so on. To review, a supplicant provides and controls access to network services. Multiple applications may make use of the supplicants services. Applications may in turn provide services to other applications or to end users. Applications may provide security services such as firewall or threat detection. Conventional supplicants cannot provide granular information about the network. Additionally, conventional applications using the network obtain and maintain their own set information about the network, and this information cannot be shared with other applications.